-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3418-1 security@xxxxxxxxxx https://www.debian.org/security/ Michael Gilbert December 14, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : chromium-browser CVE ID : CVE-2015-6788 CVE-2015-6789 CVE-2015-6790 CVE-2015-6791 Several vulnerabilities have been discovered in the chromium web browser. CVE-2015-6788 A type confusion issue was discovered in the handling of extensions. CVE-2015-6789 cloudfuzzer discovered a use-after-free issue. CVE-2015-6790 Inti De Ceukelaire discovered a way to inject HTML into serialized web pages. CVE-2015-6791 The chrome 47 development team found and fixed various issues during internal auditing. Also multiple issues were fixed in the v8 javascript library, version 4.7.80.23. For the stable distribution (jessie), these problems have been fixed in version 47.0.2526.80-1~deb8u1. For the testing distribution (stretch), these problems will be fixed soon. For the unstable distribution (sid), these problems have been fixed in version 47.0.2526.80-1. We recommend that you upgrade your chromium-browser packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQQcBAEBCgAGBQJWb3h0AAoJELjWss0C1vRzX/cgAIi/ElAs/swYNiPAGgxBeF2m Xprs8R5JVQ1ZyaD7GXfEMZ3HQm6j8ubbQNGktT9/5iHaa18ERzyV+no4erLv3YHh 97KFa13PQvdeCiCkzwKiUxgFJ8iWkIh/zYbvGyNdfGClZnqCDnsU61LmYatN1ROq ldw1kt4qpW0lAj2cXmf3MvppuwafOMq3aM+Oe480+UUraSjlwr0U01NUEccY6JLT /Kdp6eA+x0WAkVfV3kFVodTRFkbuGlp87CoqMb5qbiy+k6ImvZ16h2TsSRU0G1yP rJMEnm3//FI4JgSduLxgVjWH4ud/kogbdcP/qPuzZq3LQe9Xk0L82whLLwiru3P/ por61wEM1drKP+oHYvDNp/O+XDoQXfBgfpCoS/hrP8C/PbZACgCOTRKu7ioYZI3f g0wjVcxh+6kElmHgEZNN2wXRVv7/KfvnDoxg6f4AtdPvnyG2f/eEez3njxVSCp7m jY323zNQoXkZkpBclIDEtVNLd/iluRmT0K1uwVAcC2xAR43/R+b8k+av4uIlS461 gAAb0zuzJ3EQqfZT1EE7KJ7xAmkfu+VEaglZF3XsPFmXIraLMXk09MzLaH9vHDp1 ntqX7itumFuTNw+o3YwTftAiwXf8YyrFCuY2t18ccMlQCwLCI7DTb18f82L/Mx9D nnUcyMOcfDrJk34/OrCEnou9lcJhrJF5xUciGcWJiTnyIP77hatahQuSR7WfG4UT vz+LF0Tqgo2XDDtrbf3t0AitG6o1GRqqaE5to/D16Y/OWi4l2A1OQQ2/6ZX3dJfE hry+wXIYlXRNsIqQXl39KKuzz0MVvMJRlWSLLyLjsQUxiC0iB+gET6N/pRvfPDcx +EFg2NNkT0furCosCP1JRqXwL/8Szxex4bXlutUUx6yTOv5OmYR3nFXJ8LilV4B0 N5nEesF5/IF//FzoM2TvU3zMiyUTuCKlTPFrARe37CbD2U230/3SWw5N6csFmHZI Z5l7lHsTavpgkDxgNI2FEXdwDWUnXIXSl6lBJ8ema43Wootwb9Kb3I0n5xVw1qMq tNXs5gBDD3+Vzukr+Aoeu4VGyxV9QmWrC8F4uc+7jFRQ9DvZ2R3srbG3Is8wT0JL PW3XYU6dx6e7aigG1nlFnY7/XsaAxrDIY3rUM3YLvovQw/XJkrtdY1ihQRzO/Hge eEIWZfsVBr9cvdtl5FjlqO6FF26ElPRCaD0efA2HqKpwgH318khQ+qAQeTWCjh9L QkmM/lD8KuLBf4uue7THMTLIzdp/pMQMETzvVyPBIHy+5RZYvuPpe1L3eGh7t2wn iIPXgHARVtVRsdOQIYsjojI99EQqy38C8KxEEyXQbFiw7QaNrZjbrqreVZKIQbU= =BLH9 -----END PGP SIGNATURE-----
